Defensive Strategy Against the Perils of Zero Day Exploit
Over the last few years, organisations have found it tough to keep up with the volume of potential threats and the severity of advanced attack vectors, especially with traditional security measures in place. While the success rate of containing a known threat is still high, the real struggle begins when security professionals have to handle emerging threats that take advantage of unknown vulnerabilities in software.
Such attacks are referred to as “zero-day exploits”: they leverage a zero-day vulnerability for which no patch is available, and they occur on the zero day of awareness, when no defences are in place.
A zero-day exploit becomes really dangerous when cybercriminals reserve undiscovered vulnerabilities for future use against high-value targets, thereby increasing the lifespan of the exploit. But once a zero-day vulnerability is brought to a software company’s attention, a security patch can be created and released, after which the exploit is no longer called “zero-day”. Normally, these actions follow as soon as a software vulnerability is found:
- A vulnerability in code is released as part of a software application.
- Attackers find a way to attack vulnerable systems through the newly discovered vulnerability.
- The vulnerability is discovered by the vendor, but a patch is still not available.
- Vulnerability is disclosed publicly, making both users and attackers widely aware of it.
- Anti-virus vendors identify the attack signature and protect against it.
- A patch is released by the vendor that fixes the vulnerability.
- Application of the patch is completed by software users.
But before these patches are developed, distributed and applied, systems remain vulnerable throughout the entire period, giving attackers additional time to deploy their malware through the vulnerabilities and compromise scores of devices or networks.
Attackers normally follow a 6-step approach to target their victims:
- Discover vulnerabilities.
- Create a malware program.
- Look for affected systems.
- Launch the zero-day exploit.
An empirical study has shown that the average window of exposure for a zero-day attack is ten months. Throughout this window, a race runs among attackers, vendors and users, with attackers trying their best to reach the affected system before organizations deploy a patch and update their antivirus systems.
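The lifecycle list and the window of exposure described above can be tracked per host, which shows why a released patch does not close the window until it is applied. This is an added example, not part of the original article; the stage names, host names and dates are constructed, and measuring exposure from first exploitation to patch application on the host is this example's assumption.

```python
from datetime import date

# Stage names are this example's own labels for the seven events listed above.
STAGES = ["released", "exploited", "vendor_aware", "disclosed",
          "av_signature", "patch_released", "patch_applied"]

def exposure_report(events, today):
    """Measure exposure for one host from the stage dates known so far."""
    unknown = set(events) - set(STAGES)
    if unknown:
        raise ValueError(f"unknown stages: {sorted(unknown)}")
    reached = [s for s in STAGES if s in events]
    # Assumption: stages occur in the order the article lists them.
    for earlier, later in zip(reached, reached[1:]):
        if events[later] < events[earlier]:
            raise ValueError(f"{later} is dated before {earlier}")
    if "exploited" not in events:
        return {"phase": "no known exploitation", "open": False,
                "exposed_days": 0, "undefended_days": 0}
    start = events["exploited"]
    # The window closes only when the patch is applied on this host;
    # until then it is still growing, so measure up to today.
    end = events.get("patch_applied", today)
    # Undefended: exploited, with neither an AV signature nor an applied patch.
    first_defence = min((events[s] for s in ("av_signature", "patch_applied")
                         if s in events), default=today)
    return {"phase": reached[-1],
            "open": "patch_applied" not in events,
            "exposed_days": (end - start).days,
            "undefended_days": (first_defence - start).days}

# Constructed sample data, not taken from any real incident.
TODAY = date(2024, 6, 1)
COMMON = {"released": date(2023, 1, 10), "exploited": date(2023, 5, 1),
          "vendor_aware": date(2023, 11, 1), "disclosed": date(2023, 11, 15),
          "av_signature": date(2023, 11, 20), "patch_released": date(2023, 12, 1)}
HOSTS = {
    "web-01": {**COMMON, "patch_applied": date(2023, 12, 20)},  # patched
    "db-02": dict(COMMON),                                      # patch never applied
}

if __name__ == "__main__":
    for host, events in HOSTS.items():
        print(host, exposure_report(events, TODAY))
```

Both hosts share the same vendor timeline, yet the unpatched host's window is still open and keeps growing with every day the patch is not applied.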